Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hi, is this module maintained? #73

Open
baseplate-admin opened this issue Aug 16, 2024 · 2 comments
Open

Hi, is this module maintained? #73

baseplate-admin opened this issue Aug 16, 2024 · 2 comments

Comments

@baseplate-admin
Copy link

baseplate-admin commented Aug 16, 2024
edited
Loading

Hi,

thanks for creating such an awesome package, i was wondering if it was maintained.

There are many vulnerabilities associated with get-ip-range and ip,

Could you perhaps drop them or replace them with another package?

Thanks in advance
@7heMech
Copy link

7heMech commented Dec 15, 2024

They are both user input vulnerabilites, so it shouldn't be an issue

@baseplate-admin
Copy link
Author

They are both user input vulnerabilites, so it shouldn't be an issue

While i get the point, the problem is npm always shows an critical error, also there's a pending dependabot issue. While both can be overridden by using npm overrides, i think its better to update to module downstream rather than upstream.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@baseplate-admin @7heMech